Fix linter

This commit is contained in:
Josué Tille 2022-04-01 22:54:46 +02:00
parent d43bc11857
commit fc1befe9f8
No known key found for this signature in database
GPG Key ID: 716A6C99B04194EF
11 changed files with 107 additions and 82 deletions

View File

@ -21,7 +21,7 @@ FORCE_PRIVATE = false
DOMAIN = __DOMAIN__
HTTP_PORT = __PORT__
HTTP_ADDR = 127.0.0.1
ROOT_URL = https://__URL__/
ROOT_URL = https://__DOMAIN____PATH_URL__
DISABLE_SSH = false
SSH_PORT = __SSH_PORT__
OFFLINE_MODE = false

View File

@ -6,11 +6,6 @@ location __PATH__/ {
client_max_body_size 200M;
proxy_set_header X-Real-IP $remote_addr;
# Force https
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
}

1
doc/DESCRIPTION.md Normal file
View File

@ -0,0 +1 @@
Gitea is a fork of Gogs a self-hosted Git service written in Go. Alternative to Github.

77
doc/DISCLAIMER.md Normal file
View File

@ -0,0 +1,77 @@
Additional informations
-----------------------
### Notes on SSH usage
If you want to use Gitea with ssh and be able to pull/push with you ssh key, your ssh daemon must be properly configured to use private/public keys. Here is a sample configuration of `/etc/ssh/sshd_config` that works with Gitea:
```bash
PubkeyAuthentication yes
AuthorizedKeysFile /home/%u/.ssh/authorized_keys
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
```
You also need to add your public key to your Gitea profile.
If you use ssh on another port than 22, you need to add theses lines to your ssh config in `~/.ssh/config`:
```bash
Host domain.tld
port 2222 # change this with the port you use
```
### Upgrade
By default a backup is made before the upgrade. To avoid this you have theses following possibilites:
- Pass the `NO_BACKUP_UPGRADE` env variable with `1` at each upgrade. By example `NO_BACKUP_UPGRADE=1 yunohost app upgrade gitea`.
- Set the settings `disable_backup_before_upgrade` to `1`. You can set this with this command:
`yunohost app setting gitea disable_backup_before_upgrade -v 1`
After this settings will be applied for **all** next upgrade.
From command line:
`yunohost app upgrade gitea`
### Backup
This app use now the core-only feature of the backup. To keep the integrity of the data and to have a better guarantee of the restoration is recommended to proceed like this:
- Stop gitea service with theses following command:
`systemctl stop gitea.service`
- Launch the backup of gitea with this following command:
`yunohost backup create --app gitea`
- Do a backup of your data with your specific strategy (could be with rsync, borg backup or just cp). The data is generally stored in `/home/gitea`.
- Restart the gitea service with theses command:
`systemctl start gitea.service`
### Remove
Due of the backup core only feature the data directory in `/home/gitea` **is not removed**. It need to be removed manually to purge app user data.
### LFS setup
To use a repository with an `LFS` setup, you need to activate-it on `/opt/gitea/custom/conf/app.ini`
```ini
[server]
LFS_START_SERVER = true
LFS_HTTP_AUTH_EXPIRY = 20m
```
By default Nginx is setup with a max value to updload files at 200 Mo. It's possible to change this value on `/etc/nginx/conf.d/my.domain.tld.d/gitea.conf`.
```
client_max_body_size 200M;
```
Don't forget to restart Gitea `sudo systemctl restart gitea.service`.
> This settings are restored to the default config when Gitea is updated. Don't forget to restore your setup after all updates.
### Git command access with HTTPS
If you want to use the git command (like `git clone`, `git pull`, `git push`), you need to set this app as **public**.

View File

@ -6,6 +6,12 @@
"en": "Lightweight Git forge",
"fr": "Forge Git légère"
},
"upstream": {
"license": "free",
"website": "https://gitea.io/",
"admindoc": "https://docs.gitea.io/",
"code": "https://github.com/go-gitea/gitea"
},
"url": "http://gitea.io",
"license": "MIT",
"version": "1.16.5~ynh1",
@ -29,39 +35,20 @@
"install" : [
{
"name": "domain",
"type": "domain",
"ask": {
"en": "Choose a domain for Gitea",
"fr": "Choisissez un domaine pour Gitea"
},
"example": "domain.org"
"type": "domain"
},
{
"name": "path",
"type": "path",
"ask": {
"en": "Choose a path for Gitea",
"fr": "Choisissez un chemin pour Gitea"
},
"example": "/gitea",
"default": "/gitea"
},
{
"name": "admin",
"type": "user",
"ask": {
"en": "Choose the Gitea administrator (must be an existing YunoHost user)",
"fr": "Choisissez l'administrateur de Gitea (doit être un utilisateur YunoHost existant)"
},
"example": "johndoe"
"type": "user"
},
{
"name": "is_public",
"type": "boolean",
"ask": {
"en": "Is it a public site?",
"fr": "Est-ce un site public ?"
},
"help": {
"en": "A public server means that everybody is able to access to the main page of the forge, on the public profile of the user and on the public repository. But you still can limit the access to each repository if you set it as private. Note that to be able to use the remote Git command (clone, pull, push) with HTTP and to use the API by (by example with a smartphone), you need to set this application as public.",
"fr": "Un serveur public signifie que tout le monde peut accéder à la page principale de la forge, au profil public des utilisateurs et aux dépôts publics. Vous pouvez également définir les dépôts comme étant privés. Notez que pour pouvoir utiliser les commandes Git distantes (clone, pull, push) avec HTTP et pour pouvoir utiliser l'API (par exemple avec un smartphone), vous devez paramétrer cette application comme étant publique."

View File

@ -4,7 +4,7 @@
app=$YNH_APP_INSTANCE_NAME
dbname=$app
dbuser=$app
db_user=$app
final_path="/opt/$app"
DATADIR="/home/$app"
REPO_PATH="$DATADIR/repositories"
@ -53,29 +53,7 @@ config_nginx() {
config_gitea() {
ssh_port=$(grep -P "Port\s+\d+" /etc/ssh/sshd_config | grep -P -o "\d+")
ynh_backup_if_checksum_is_different --file "$final_path/custom/conf/app.ini"
cp ../conf/app.ini "$final_path/custom/conf"
usermod -s /bin/bash $app
if [ "$path_url" = "/" ]
then
ynh_replace_string --match_string __URL__ --replace_string "$domain" --target_file "$final_path/custom/conf/app.ini"
else
ynh_replace_string --match_string __URL__ --replace_string "$domain${path_url%/}" --target_file "$final_path/custom/conf/app.ini"
fi
ynh_replace_string --match_string __REPOS_PATH__ --replace_string "$REPO_PATH" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __DB_PASSWORD__ --replace_string "$dbpass" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __DB_USER__ --replace_string "$dbuser" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __DOMAIN__ --replace_string "$domain" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __KEY__ --replace_string "$key" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __DATA_PATH__ --replace_string "$DATA_PATH" --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __PORT__ --replace_string $port --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __APP__ --replace_string $app --target_file "$final_path/custom/conf/app.ini"
ynh_replace_string --match_string __SSH_PORT__ --replace_string $ssh_port --target_file "$final_path/custom/conf/app.ini"
ynh_store_file_checksum --file "$final_path/custom/conf/app.ini"
ynh_add_config --template="app.ini" --destination="$final_path/custom/conf/app.ini"
}
set_permission() {
@ -89,10 +67,3 @@ set_permission() {
chmod u=rwX,g=rX,o= "/home/$app"
chmod u=rwX,g=rX,o= "/var/log/$app"
}
set_access_settings() {
if [ "$is_public" == '1' ];
then
ynh_permission_update --permission "main" --add "visitors"
fi
}

View File

@ -22,7 +22,7 @@ domain=$YNH_APP_NEW_DOMAIN
path_url=$(ynh_normalize_url_path --path_url ${YNH_APP_NEW_PATH:-'/'})
app=$YNH_APP_INSTANCE_NAME
dbpass=$(ynh_app_setting_get --app $app --key mysqlpwd)
DB_PASSWORD=$(ynh_app_setting_get --app $app --key mysqlpwd)
admin=$(ynh_app_setting_get --app $app --key adminusername)
key=$(ynh_app_setting_get --app $app --key secret_key)
port=$(ynh_app_setting_get --app $app --key web_port)

View File

@ -41,7 +41,7 @@ fi
# Generate random password and key
ynh_script_progression --message="Defining db password and key..."
dbpass=$(ynh_string_random)
DB_PASSWORD=$(ynh_string_random)
key=$(ynh_string_random)
# Find available ports
@ -49,9 +49,8 @@ port=$(ynh_find_port --port 6000)
# Store Settings
ynh_script_progression --message="Storing installation settings..."
ynh_app_setting_set --app $app --key mysqlpwd --value $dbpass
ynh_app_setting_set --app $app --key mysqlpwd --value $DB_PASSWORD
ynh_app_setting_set --app $app --key adminusername --value $admin
ynh_app_setting_set --app $app --key is_public --value $is_public
ynh_app_setting_set --app $app --key secret_key --value $key
ynh_app_setting_set --app $app --key web_port --value $port
@ -61,7 +60,7 @@ ynh_app_setting_set --app $app --key web_port --value $port
# Initialize database and store mysql password for upgrade
ynh_script_progression --message="Configuring MySQL database..."
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
ynh_mysql_create_db "$dbname" "$db_user" "$DB_PASSWORD"
# Add users
ynh_script_progression --message="Configuring system user..."
@ -99,14 +98,14 @@ ynh_script_progression --message="Configuring application, step 2/2..."
systemctl start "$app".service
# Wait untill login_source mysql table is created
while ! $(ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null)
while ! $(ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null)
do
sleep 2
done
# Add ldap config
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" < ../conf/login_source.sql
# SETUP FAIL2BAN
ynh_script_progression --message="Configuring fail2ban..."
@ -118,7 +117,10 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile
# Unprotect root from SSO if public
ynh_script_progression --message="Protecting directory"
set_access_settings
if [ "$is_public" == '1' ];
then
ynh_permission_update --permission "main" --add "visitors"
fi
# Create permission
ynh_script_progression --message="Configuring permissions"

View File

@ -27,7 +27,7 @@ systemctl stop "$app".service
# Drop MySQL database and user
ynh_script_progression --message="Removing databases..."
ynh_mysql_drop_db "$dbname" 2>/dev/null
ynh_mysql_drop_user "$dbuser" 2>/dev/null
ynh_mysql_drop_user "$db_user" 2>/dev/null
# Delete app directory and configurations
ynh_script_progression --message="Removing code..."

View File

@ -19,14 +19,11 @@ ynh_script_progression --message="Loading settings..."
# Retrieve old app settings
domain=$(ynh_app_setting_get --app $app --key domain)
path_url=$(ynh_app_setting_get --app $app --key path)
dbpass=$(ynh_app_setting_get --app $app --key mysqlpwd)
DB_PASSWORD=$(ynh_app_setting_get --app $app --key mysqlpwd)
admin=$(ynh_app_setting_get --app $app --key adminusername)
port=$(ynh_app_setting_get --app $app --key web_port)
upstream_version=$(ynh_app_setting_get $app upstream_version)
# Check domain/path availability with app helper
ynh_webpath_available --domain $domain --path_url $path_url || ynh_die --message "$domain is not available as domain, please use an other domain."
# Check user parameter
ynh_user_exists "$admin" \
|| ynh_die --message "The chosen admin user does not exist."
@ -48,8 +45,8 @@ ynh_restore
# Create and restore the database
ynh_script_progression --message="Restoring database..." --weight=3
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./db.sql
ynh_mysql_create_db "$dbname" "$db_user" "$DB_PASSWORD"
ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" < ./db.sql
# Restore systemd files
systemctl daemon-reload

View File

@ -18,10 +18,9 @@ ynh_abort_if_errors
ynh_script_progression --message="Loading installation settings..."
domain=$(ynh_app_setting_get --app $app --key domain)
path_url=$(ynh_normalize_url_path --path_url $(ynh_app_setting_get --app $app --key path))
dbpass=$(ynh_app_setting_get --app $app --key mysqlpwd)
DB_PASSWORD=$(ynh_app_setting_get --app $app --key mysqlpwd)
admin=$(ynh_app_setting_get --app $app --key adminusername)
key=$(ynh_app_setting_get --app $app --key secret_key)
is_public=$(ynh_app_setting_get --app $app --key is_public)
port=$(ynh_app_setting_get --app $app --key web_port)
upstream_version=$(ynh_app_setting_get --app $app --key upstream_version)
@ -56,7 +55,7 @@ ynh_handle_app_migration --migration_id=gogs --migration_list=gogs_migrations
if [[ $migration_process -eq 1 ]]; then
# Reload variables
dbname=$app
dbuser=$app
db_user=$app
final_path="/opt/$app"
DATADIR="/home/$app"
REPO_PATH="$DATADIR/repositories"
@ -74,7 +73,7 @@ if [[ $migration_process -eq 1 ]]; then
# Restore authentication from SQL database
ynh_replace_string --match_string __APP__ --replace_string "$app" --target_file ../conf/login_source.sql
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" < ../conf/login_source.sql
# Fix hooks
if [[ -e $REPO_PATH ]];then
@ -224,11 +223,7 @@ if ! ynh_permission_exists --permission admin; then
ynh_permission_create --permission 'admin' --allowed "$admin"
# Update ldap config
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
fi
if [ "$is_public" == '1' ];
then
ynh_permission_update --permission "main" --add "visitors"
ynh_mysql_connect_as "$db_user" "$DB_PASSWORD" "$dbname" < ../conf/login_source.sql
fi
# Add gitea to YunoHost's monitored services